Thanks for your replay, it really helps, but to take the question further, from what you have seen in my sample script, how should I classify packets with "tc" ? I don't know how to put them in separate classes,. What I have in my script will only shape metro traffic, but for international how would the "tc" command be? Something like: /sbin/tc class add dev eth2 parent 1:2 classid 2:11 htb rate 50kbit ceil 100kbit prio 5 /sbin/tc filter add dev eth2 parent 1:0 protocol ip prio 5 u32 match ip dst 192.168.254.10 flowid 1:11 Would this be the correct commands? Thanks again. Alex ---begin my script---- sbin/tc qdisc add dev eth2 root handle 1: htb default 10 /sbin/tc class add dev eth2 parent 1: classid 1:1 htb rate 10M #metro /sbin/tc class add dev eth2 parent 1:1 classid 1:10 htb rate 10M /sbin/tc filter add dev eth2 protocol ip parent 1:10 prio 3 handle 6 flowid 1:10 #international /sbin/tc class add dev eth2 parent 1:1 classid 1:2 htb rate 10M /sbin/tc filter add dev eth2 protocol ip parent 1:10 prio 3 handle 5 flowid 1:2 /sbin/tc class add dev eth2 parent 1:1 classid 1:11 htb rate 50kbit ceil 100kbit prio 5 /sbin/tc filter add dev eth2 parent 1:0 protocol ip prio 5 u32 match ip dst 192.168.254.10 flowid 1:11 /sbin/tc class add dev eth2 parent 1:1 classid 1:12 htb rate 50kbit ceil 100kbit prio 5 /sbin/tc filter add dev eth2 parent 1:0 protocol ip prio 5 u32 match ip dst 192.168.254.11 flowid 1:12 ....etc --end-- ----- Original Message ----- From: <cmulcahy@xxxxxxxxx> To: "Alex" <alex@xxxxxxxxxxxxxxxx> Sent: Tuesday, September 30, 2003 9:07 PM Subject: Re: HTB and metro+int. limits > Alex > > Alex writes: > > > Hello, > > I need to setup HTB to limit the bandwidth, but I need to have 2 types of > > limits, because my ISP gives me more bandwith for sites located in my > > country, than others located outside. I have setup the following script in > > which I mark packets with mark 6 for the ip clasess for the sites in my > > country. What I don't know is how to continue the script with assigning > > lower limits to everything else not going from ip's in --set-mark 6. > > Maybe some of can enlighten me about this. > > Thanks, > > > > Alex > > > <snip> > ...... > > /sbin/iptables -t mangle -A PREROUTING -i eth2 -d 193.231.15.0/24 -j > > MARK --set-mark 6 > > #end metro > > # > > #2. Anything else > > /sbin/iptables -t mangle -A PREROUTING -i eth2 -d 0/0 -j MARK --set-mark 5 > > </snip> > > This will not differentiate your traffic. Everything "-i eth2" will end up > marked '5' because iptables will evaluate against every rule in order, > eventually marking them '5' whether they have previously been marked '6' or > not. > > You need to create a new table with two commands for each address range. > ie: > > /sbin/iptables -t mangle -N MYMARKER > /sbin/iptables -t mangle -A PREROUTING -i eth2 -j MYMARKER > > # and ... > /sbin/iptables -t mangle -A MYMARKER -d 193.231.15.0/24 -j MARK --set-mark 6 > /sbin/iptables -t mangle -A MYMARKER -d 193.231.15.0/24 -j RETURN > # for each metro range, and finally .... > /sbin/iptables -t mangle -A MYMARKER -j MARK --set-mark 5 > /sbin/iptables -t mangle -A MYMARKER -j RETURN > > The separate table and the 'RETURN' statements give you the "short-circuit" > evaluation you require. > > BTW: You might be able to consolidate your metro class-C's into fewer > (larger) CIDR ranges to speed evaluation. ( Your upstream provider has > likely been allocated them in this manner ) > > mulc > _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
